The events of last year have caused an immense amount of disruption and uncertainty in the economy. To counteract this volatility, many organizations have accelerated their digitalization efforts in order to bolster their operations with modern digital ecosystems which better serve the needs of their customers. Many organisations have started the digitalization process using Microsoft Azure cloud – supporting speed, agility, and scalability, as well as having predictable costs.
In this blog, I’ll share some considerations around accelerating the road to cloud, and the security implications to take into account, ensuring that the organization’s digital transformation efforts are not jeopardized by cyber security issues.
Understanding your cloud security responsibilities
Many businesses have begun digitalizing their core to create resilient, secure, and scalable services that reduce their technical debt and risk. However, whilst digital transformation opens a business up to the many benefits of cloud services, it is important to focus on cyber security considerations as part of any cloud transition strategy.
Customer trust remains pivotal to corporate success and this is built on an organization’s ability to maintain the confidentiality and integrity of customer data. Therefore, this goal must be maintained when moving to cloud based services and requires specific consideration of cloud related threats during the digital transformation journey.
Simply put, cloud broadens the threat landscape and demands a wider security focus. It is no longer about protecting legacy data center perimeters but securing employees “working from anywhere”. As applications and services must be accessible from any location, enterprises need to have a clear understanding about their security responsibilities.
One important step is developing awareness of the Shared Responsibility Model. This is all about understanding where responsibility lies in the cloud. In general, cloud service providers are responsible for the security of the cloud infrastructure, while the cloud customer (you/your organization) is responsible for the security of the data or digital assets stored in the cloud.
“Fujitsu is widely recognized for their expertise in Microsoft cloud technology deployment, security and systems integration,” said Takuya Hirano, Vice President, System Integrator and Advisory Partners at Microsoft.
So, instead of focusing on securing your firm’s data center perimeter and network, priority needs to be shifted to protecting infrastructure and data across a heterogeneous and dispersed IT landscape with focus on data and user identities.
“Now with the Identity and Access Management Advanced Specialization, they are even better positioned to offer customers highly secured identity management for their Modern Work environments.”- Takuya Hirano, Vice President, System Integrator and Advisory Partners at Microsoft.
Zero-trust mentality
As our professional lives have become increasingly more remote and cloud adoption has accelerated, there is one security approach that has rapidly become the model of choice – zero-trust.
In zero-trust models, breaches are always assumed. Therefore, identities and devices must always be explicitly verified to gain access, and only the required amount of access is ever granted by applying the principle of least privilege. The principle of least privilege means individuals can only access information or resources that are necessary for their purposes at that specific time, thus limiting the risk for the business.
Security governance and compliance
While cloud has brought numerous benefits, with every new service that is utilized by a business, the complexity around maintaining security governance and compliance also increases. Organizations need to protect data wherever it is, at rest or on the move. This requires greater emphasis in understanding where data flows and where it is stored in order to apply appropriate protection according to its value and sensitivity. Applying the correct level of protection ensures that only the right people can access that data.
Countering the challenge of shadow IT
Cloud has brought IT services within easy reach for businesses, which has reduced the ability of IT departments to act as gatekeepers to services. Users can now quickly subscribe and consume cloud services with a few clicks and by providing their credit card. All of this can be done without the due care or knowledge of security implications associated with these actions.
And now, with user credentials and data stored across a multitude of cloud services, the challenge of managing ‘Shadow IT’ – the use of unsanctioned cloud applications and services – presents a huge cyber risk for companies.
To help combat this, organizations need to consider using Cloud Access Security Broker (CASB) services. CASB services help with the governance and usage of disparate cloud services, providing companies with assurance that only sanctioned cloud services are being used.
Four questions to ask yourself
To summarize what I have covered so far, here are four key questions that IT leaders of digitized organizations need to consider:
1. How can I make sure that compliance requirements are fulfilled when moving to the cloud?
We manage the compliance of cloud environments with our Cloud Security Posture Management (CSPM) service. This service helps customers to continuously assess their security posture and rectify any potential security risks.
2. How can I move to the cloud quickly and safely?
You can do this by using a Secure Cloud Foundation – our Springboard™ methodology which delivers a landing zone, secure by default. This is the ideal starting point to accelerate your business towards an agile cloud platform.
3. How can I ensure all bases are covered from a cyber security point of view?
By utilizing the Fujitsu Cloud Security Framework which simplifies the complexity of making the right cybersecurity choices when moving to the cloud. It comprises Identity and Access Management, Threat Protection, Information Protection and Security Management.
4. How can I make sure that security policies are consistently enforced?
Cloud Access Security Broker (CASB) services help with the governance and usage of disparate cloud services - providing companies with assurance that only sanctioned cloud services are being used.
We support organizations by providing technical and strategic consulting services. With early engagements through our independent consulting capability, we help organizations to define their cloud security strategy and understand their compliance requirements. Click here to learn more and get in touch with us if you need a trusted partner to help you complete your transformation into an adaptive business.